Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
File: lQPIUJD5zC4inTj96rrmJlCL3rg.mft (raw, json)
Hash identifier: Djan83cfw+ccsL0jKMKoMsEqr89mNMqQxYow4uNLcZM=
Subject key identifier: C7:9D:1C:E7:21:72:5F:1C:9B:93:38:E5:1A:B7:50:72:DD:08:23:7B
Authority key identifier: 95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8
Certificate issuer: /CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
Certificate serial: 019A7149D7EC70311BE0389E9F333102B73C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
Manifest number: 0440
Signing time: Tue 11 Nov 2025 05:00:56 +0000
Manifest this update: Tue 11 Nov 2025 05:00:56 +0000
Manifest next update: Wed 12 Nov 2025 05:00:56 +0000
Files and hashes: 1: lQPIUJD5zC4inTj96rrmJlCL3rg.crl (hash: 9CUHwyKRk6TO2H+r8aQ/gxe8QFcUdAqqChIQwcy/syw=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:71:49:d7:ec:70:31:1b:e0:38:9e:9f:33:31:02:b7:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9503c85090f9cc2e229d38fdeabae626508bdeb8
Validity
Not Before: Nov 11 05:00:56 2025 GMT
Not After : Nov 12 05:00:56 2025 GMT
Subject: CN=c79d1ce721725f1c9b9338e51ab75072dd08237b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:cb:2b:d6:6f:42:e6:6f:68:71:be:21:ba:ef:
e4:62:0b:7e:ff:78:88:0f:fa:9f:10:04:df:92:95:
66:07:ca:d1:41:33:58:4e:a8:f1:36:10:bf:9e:c9:
d8:ca:57:92:ed:79:6f:b2:cb:a5:fb:76:ee:dd:ed:
b6:ef:74:17:24:09:3e:8b:6e:de:3f:7f:a1:4b:55:
06:8a:5d:cc:94:be:4b:de:2e:41:a2:03:20:97:4b:
88:ef:90:ab:e9:ce:29:a1:e3:b7:93:dc:f5:8f:2a:
e7:8d:82:90:b7:e0:8d:eb:1a:36:3f:6a:4b:cd:8f:
16:ef:1b:58:ba:e9:3b:bf:ff:b2:55:97:0c:ea:69:
41:24:46:af:94:f8:4e:13:6f:6e:e9:5a:8b:35:16:
d4:58:12:45:47:27:23:05:af:82:c9:6c:a3:7d:06:
95:bd:9f:1a:e0:33:07:f0:a8:f6:0f:fd:7d:1d:d1:
91:e4:1d:23:b1:a0:0f:20:05:d6:74:10:e6:88:17:
c5:6e:37:ad:12:a9:1b:a9:ef:8e:c4:71:ae:27:bb:
2e:f4:d0:19:05:d6:ce:c6:28:28:12:8b:11:5e:89:
51:f0:a4:cc:d0:40:fb:ad:0e:1c:73:08:a8:88:59:
e1:be:44:49:1c:17:44:89:04:fd:71:aa:80:03:bd:
9f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:9D:1C:E7:21:72:5F:1C:9B:93:38:E5:1A:B7:50:72:DD:08:23:7B
X509v3 Authority Key Identifier:
keyid:95:03:C8:50:90:F9:CC:2E:22:9D:38:FD:EA:BA:E6:26:50:8B:DE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQPIUJD5zC4inTj96rrmJlCL3rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/39294c-ebd1-4ef4-915e-f0dd879ae53a/1/lQPIUJD5zC4inTj96rrmJlCL3rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
4f:d8:96:0b:17:51:2e:58:31:65:c7:20:67:33:69:54:f9:83:
fd:2f:22:78:62:4a:73:86:23:85:bd:c5:7a:54:6b:00:0c:ea:
40:03:77:3c:a9:4e:f2:b2:d3:b0:da:02:83:06:cc:43:12:84:
2e:bb:5c:f6:03:f4:c8:5f:62:e9:1c:ca:8d:1f:37:ca:15:f4:
09:42:03:fd:71:43:1f:2c:72:94:36:74:1a:ba:6a:ad:e1:6d:
68:b3:8e:ac:e4:29:d4:30:f9:8f:f9:3a:f5:39:38:fc:5d:50:
89:d3:f3:bf:de:cb:58:39:d9:9b:34:40:9f:d9:df:be:32:bd:
3f:b4:62:b7:27:0c:09:fe:e9:6e:21:8f:cc:50:cb:71:41:a1:
d9:dc:5b:72:8e:d8:3e:e2:39:60:1f:28:71:40:17:ba:2a:e2:
c8:1e:e2:f1:37:32:52:98:96:c1:3b:67:70:c1:8b:6f:74:01:
66:5a:f0:91:8f:1d:7f:a6:a0:d2:3f:ad:33:11:25:3b:a9:ec:
a5:36:b6:81:d4:2a:df:f4:d4:a9:80:a4:69:f7:43:fe:8c:8c:
98:b2:d0:c5:41:08:0d:68:a9:50:e4:64:c3:e8:77:d7:0d:97:
a3:ad:05:34:ef:b5:6c:7f:7e:92:64:93:d0:30:d4:ee:e0:1f:
15:68:41:fe
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxSdfscDEb4DienzMxArc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDNjODUwOTBmOWNjMmUyMjlkMzhmZGVhYmFlNjI2NTA4
YmRlYjgwHhcNMjUxMTExMDUwMDU2WhcNMjUxMTEyMDUwMDU2WjAzMTEwLwYDVQQD
EyhjNzlkMWNlNzIxNzI1ZjFjOWI5MzM4ZTUxYWI3NTA3MmRkMDgyMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8sr1m9C5m9ocb4huu/kYgt+/3iI
D/qfEATfkpVmB8rRQTNYTqjxNhC/nsnYyleS7Xlvssul+3bu3e2273QXJAk+i27e
P3+hS1UGil3MlL5L3i5BogMgl0uI75Cr6c4poeO3k9z1jyrnjYKQt+CN6xo2P2pL
zY8W7xtYuuk7v/+yVZcM6mlBJEavlPhOE29u6VqLNRbUWBJFRycjBa+CyWyjfQaV
vZ8a4DMH8Kj2D/19HdGR5B0jsaAPIAXWdBDmiBfFbjetEqkbqe+OxHGuJ7su9NAZ
BdbOxigoEosRXolR8KTM0ED7rQ4ccwioiFnhvkRJHBdEiQT9caqAA72fGQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMedHOchcl8cm5M45Rq3UHLdCCN7MB8GA1UdIwQY
MBaAFJUDyFCQ+cwuIp04/eq65iZQi964MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUt
ZjBkZDg3OWFlNTNhLzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8zOTI5NGMtZWJkMS00ZWY0LTkxNWUtZjBkZDg3OWFlNTNh
LzEvbFFQSVVKRDV6QzRpblRqOTZycm1KbENMM3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAT9iWCxdR
LlgxZccgZzNpVPmD/S8ieGJKc4Yjhb3FelRrAAzqQAN3PKlO8rLTsNoCgwbMQxKE
Lrtc9gP0yF9i6RzKjR83yhX0CUID/XFDHyxylDZ0GrpqreFtaLOOrOQp1DD5j/k6
9Tk4/F1QidPzv97LWDnZmzRAn9nfvjK9P7RitycMCf7pbiGPzFDLcUGh2dxbco7Y
PuI5YB8ocUAXuiriyB7i8TcyUpiWwTtncMGLb3QBZlrwkY8df6ag0j+tMxElO6ns
pTa2gdQq3/TUqYCkafdD/oyMmLLQxUEIDWipUORkw+h31w2Xo60FNO+1bH9+kmST
0DDU7uAfFWhB/g==
-----END CERTIFICATE-----
Generated at Tue Nov 11 11:33:15 2025 by rpki-client